Merge pull request #14 from boostcampwm-2022/feat/#9-K

Feat/#9-K: 로그인 및 로그아웃 API

Author: se030

package-lock.json

@@ -0,0 +1,37 @@
+import express, { Request, Response, NextFunction } from "express";
+import * as authService from "./service";
+
+const router = express.Router();
+
+router.post(
+  "/login",
+  async (req: Request, res: Response, next: NextFunction) => {
+    try {
+      const { code } = req.body;
+
+      const { loginToken, refreshToken } = await authService.login(code);
+
+      const cookieOptions = {
+        httpOnly: true,
+        sameSite: "lax",
+        maxAge: 1000 * 60 * 60 * 24,
+        signed: true,
+      };
+      res.cookie("accessToken", loginToken, cookieOptions);
+      res.cookie("refreshToken", refreshToken, cookieOptions);
+
+      res.status(200).send();
+    } catch (e) {
+      next(e);
+    }
+  }
+);
+
+router.delete("/logout", (req: Request, res: Response) => {
+  authService.logout(req.signedCookies.accessToken);
+
+  res.clearCookie("accessToken");
+  res.status(200).send();
+});
+
+export default router;

server/apis/auth/controller.ts

@@ -0,0 +1,101 @@
+import axios from "axios";
+import env from "@config";
+import userModel from "@apis/user/model";
+import * as jwt from "@utils/jwt";
+
+interface TokenResponse {
+  access_token: string;
+  token_type: string;
+}
+
+const ACCESS_TOKEN_REQUEST_URL = "https://github.com/login/oauth/access_token";
+const USER_REQUEST_URL = "https://api.github.com/user";
+
+const getAccessToken = async (code: string) => {
+  const body = {
+    client_id: env.GITHUB_CLIENT_ID,
+    client_secret: env.GITHUB_CLIENT_SECRET,
+    code,
+  };
+  const headers = {
+    "Content-Type": "application/json",
+    Accept: "application/json",
+  };
+
+  const { data: accessTokenResponse } = await axios.post(
+    ACCESS_TOKEN_REQUEST_URL,
+    body,
+    {
+      headers,
+    }
+  );
+
+  if (accessTokenResponse.error) {
+    throw new Error("access token 생성 요청 실패");
+  }
+
+  return accessTokenResponse;
+};
+
+const getGithubUser = async (accessToken: string, tokenType: string) => {
+  const { data: user } = await axios.get(USER_REQUEST_URL, {
+    headers: {
+      Authorization: `${tokenType} ${accessToken}`,
+    },
+  });
+
+  if (user.error) {
+    throw new Error("OAuth 유저 정보 요청 실패");
+  }
+
+  return user;
+};
+
+export const login = async (code: string) => {
+  const { access_token: accessToken, token_type: tokenType }: TokenResponse =
+    await getAccessToken(code);
+
+  const {
+    id,
+    login: name,
+    avatar_url: avatarUrl,
+  } = await getGithubUser(accessToken, tokenType);
+
+  const isSignedUp = userModel.exists({ id });
+
+  if (!isSignedUp) {
+    userModel.create({
+      id,
+      name,
+      avatarUrl,
+    });
+  }
+
+  const payload = { id, name, avatarUrl };
+
+  const loginToken = jwt.generateAccessToken(payload);
+  const refreshToken = jwt.generateRefreshToken(payload);
+
+  return { loginToken, refreshToken };
+};
+
+export const logout = async (accessToken: string) => {
+  try {
+    const { id } = jwt.verifyToken(accessToken);
+
+    userModel.updateOne({ id }, { refreshToken: null });
+    return;
+  } catch (err) {
+    /* 
+      https://github.com/auth0/node-jsonwebtoken
+
+      err = {
+        name: 'TokenExpiredError',
+        message: 'jwt expired',
+        expiredAt: 1408621000
+      }
+
+      throw err;
+    */
+  }
+};

server/apis/auth/service.ts

@@ -0,0 +1,23 @@
+import { Schema } from "mongoose";
+import mongoose from "@db";
+
+interface Block {
+  type: String;
+  contents?: String;
+}
+
+interface Mom {
+  id: number;
+  name: string;
+  blocks: Block[];
+}
+
+const momSchema = new Schema<Mom>({
+  id: Number,
+  name: String,
+  blocks: Array<Block>,
+});
+
+const momModel = mongoose.model("Mom", momSchema);
+
+export default momModel;

server/apis/mom/model.ts

@@ -0,0 +1,22 @@
+import { Schema } from "mongoose";
+import mongoose from "@db";
+
+interface User {
+  id: number;
+  name: string;
+  avatarUrl: string;
+  createdAt: Date;
+  workspaces: number[];
+}
+
+const userSchema = new Schema<User>({
+  id: { type: Number, required: true },
+  name: { type: String, required: true },
+  avatarUrl: { type: String, required: true },
+  createdAt: { type: Date, default: new Date() },
+  workspaces: { type: [Number], default: [] },
+});
+
+const userModel = mongoose.model("User", userSchema);
+
+export default userModel;

server/apis/user/index.ts

@@ -0,0 +1,20 @@
+import { Schema } from "mongoose";
+import mongoose from "@db";
+
+interface Workspace {
+  id: number;
+  name: string;
+  users: number[];
+  moms: number[];
+}
+
+const workspaceSchema = new Schema<Workspace>({
+  id: { type: Number, required: true },
+  name: { type: String, required: true },
+  users: Array<Number>,
+  moms: Array<Number>,
+});
+
+const workspaceModel = mongoose.model("Workspace", workspaceSchema);
+
+export default workspaceModel;

server/apis/user/model.ts

@@ -8,4 +8,8 @@ export default {
   DATABASE_USER: process.env.DATABASE_USER,
   DATABASE_PASSWORD: process.env.DATABASE_PASSWORD,
   DATABASE_NAME: process.env.DATABASE_NAME,
+  COOKIE_SECRET_KEY: process.env.COOKIE_SECRET_KEY,
+  JWT_SECRET_KEY: process.env.JWT_SECRET_KEY,
+  GITHUB_CLIENT_ID: process.env.GITHUB_CLIENT_ID,
+  GITHUB_CLIENT_SECRET: process.env.GITHUB_CLIENT_SECRET,
 };

server/apis/workspace/model.ts

@@ -0,0 +1,11 @@
+import mongoose from "mongoose";
+import env from "../config";
+
+const options = {
+  maxPoolSize: 10,
+};
+
+const DATABASE_URL = `mongodb://${env.DATABASE_USER}:${env.DATABASE_PASSWORD}@${env.DATABASE_HOST}:${env.DATABASE_PORT}/${env.DATABASE_NAME}`;
+mongoose.connect(DATABASE_URL, options);
+
+export default mongoose;